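/**
 * Handle the "change password" form for the currently logged-in user.
 *
 * Reads old_password, password and repassword from $_POST, checks the old
 * password against the stored value with sp_compare_password(), and saves
 * the result of sp_password() for the new one. Every outcome is reported
 * through $this->error() / $this->success(). Non-POST requests do nothing.
 *
 * NOTE(review): the original code kept running after $this->error(), so it
 * presumably relies on error() ending the request. The explicit returns
 * below make that independent of the framework.
 *
 * @return void
 */
public function password_post()
 {
     if (!IS_POST) {
         return;
     }
     // Request fields are client-controlled and may arrive as arrays; only
     // non-empty strings are accepted as passwords.
     if (empty($_POST['old_password']) || !is_string($_POST['old_password'])) {
         $this->error("原始密码不能为空!");
         return;
     }
     if (empty($_POST['password']) || !is_string($_POST['password'])) {
         $this->error("新密码不能为空!");
         return;
     }
     $old_password = $_POST['old_password'];
     $password = $_POST['password'];
     $repassword = isset($_POST['repassword']) ? $_POST['repassword'] : null;

     $uid = sp_get_current_userid();
     // Array condition instead of an interpolated "id={$uid}" SQL fragment,
     // so the value is handled by the model rather than pasted into the query.
     $admin = $this->users_model->where(array("id" => $uid))->find();

     if (empty($admin) || !sp_compare_password($old_password, $admin['user_pass'])) {
         $this->error("原始密码不正确!");
         return;
     }
     // Strict comparison: with == two different numeric-looking strings
     // (for example "1000" and "1e3") compare equal, which would let a
     // mistyped confirmation through.
     if ($password !== $repassword) {
         $this->error("密码输入不一致!");
         return;
     }
     if (sp_compare_password($password, $admin['user_pass'])) {
         $this->error("新密码不能和原始密码相同!");
         return;
     }

     $data = array(
         'user_pass' => sp_password($password),
         'id' => $uid,
     );
     $r = $this->users_model->save($data);
     if ($r !== false) {
         $this->success("修改成功!");
     } else {
         $this->error("修改失败!");
     }
 }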
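 /**
  * Process the admin login form.
  *
  * Requires the "__SP_ADMIN_LOGIN_PAGE_SHOWED_SUCCESS__" session flag, a
  * username (or e-mail), a password and a captcha value. On success it
  * stores the admin id and login name in the session, records the login
  * IP and time on the user row, sets the "admin_username" cookie and
  * redirects to Index/index.
  *
  * NOTE(review): the original code kept running after $this->error(), so it
  * presumably relies on error() ending the request. The explicit returns
  * below keep a rejected login from ever reaching the session writes.
  *
  * NOTE(review): "unknown user" and "wrong password" produce different
  * messages, which lets a client tell which account names exist. Consider
  * a single generic failure message.
  *
  * @return void
  */
 public function dologin()
 {
     // Flag name suggests it is set when the login page is rendered - confirm.
     if (!session("__SP_ADMIN_LOGIN_PAGE_SHOWED_SUCCESS__")) {
         $this->error('login error!');
         return;
     }

     // Request values may be arrays; only non-empty strings are valid here
     // because they are passed to strpos() and into the query condition.
     $name = I("post.username");
     if (empty($name) || !is_string($name)) {
         $this->error(L('USERNAME_OR_EMAIL_EMPTY'));
         return;
     }
     $pass = I("post.password");
     if (empty($pass) || !is_string($pass)) {
         $this->error(L('PASSWORD_REQUIRED'));
         return;
     }
     $captcha = I("post.verify");
     if (empty($captcha)) {
         $this->error(L('CAPTCHA_REQUIRED'));
         return;
     }
     // Captcha check happens before any account lookup.
     if (!sp_check_verify_code()) {
         $this->error(L('CAPTCHA_NOT_RIGHT'));
         return;
     }

     $user = D("Common/Users");
     $where = array();
     if (strpos($name, "@") > 0) {
         // "@" after the first character: treat the input as an e-mail address.
         $where['user_email'] = $name;
     } else {
         $where['user_login'] = $name;
     }
     $result = $user->where($where)->find();

     // Only rows with user_type 1 may use this login.
     if (empty($result) || $result['user_type'] != 1) {
         $this->error(L('USERNAME_NOT_EXIST'));
         return;
     }
     if (!sp_compare_password($pass, $result['user_pass'])) {
         $this->error(L('PASSWORD_NOT_RIGHT'));
         return;
     }

     $role_user_model = M("RoleUser");
     $role_user_join = C('DB_PREFIX') . 'role as b on a.role_id =b.id';
     $groups = $role_user_model
         ->alias("a")
         ->join($role_user_join)
         ->where(array("user_id" => $result["id"], "status" => 1))
         ->getField("role_id", true);
     // User id 1 is exempt; everyone else needs at least one enabled role
     // and a non-empty user_status.
     if ($result["id"] != 1 && (empty($groups) || empty($result['user_status']))) {
         $this->error(L('USE_DISABLED'));
         return;
     }

     // Issue a fresh session id at the privilege change so an id known
     // before authentication is not carried into the admin session.
     if (session_id() && !headers_sent()) {
         session_regenerate_id(true);
     }

     // Login succeeded: record it and redirect.
     $_SESSION["ADMIN_ID"] = $result["id"];
     $_SESSION['name'] = $result["user_login"];
     $result['last_login_ip'] = get_client_ip(0, true);
     $result['last_login_time'] = date("Y-m-d H:i:s");
     $user->save($result);
     // NOTE(review): cookie is set without HttpOnly/Secure flags; it holds
     // the submitted login name for 30 days.
     setcookie("admin_username", $name, time() + 30 * 24 * 3600, "/");
     $this->success(L('LOGIN_SUCCESS'), U("Index/index"));
 }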
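 /**
  * Log a site user in by login name or e-mail, optionally through UCenter.
  *
  * Looks the user up in the Users model. When the UCENTER_ENABLED setting
  * is on, the credentials are first sent to uc_user_login(); depending on
  * the returned uid the local account is created, or the local account is
  * pushed to UCenter (register / edit). A login is accepted when the local
  * password matches or UCenter returned a positive uid.
  *
  * Fix over the original: $ucenter_login_ok used to be set to true for every
  * uc_user_login() result, including status codes the switch does not
  * handle, so an existing local account could be accepted without any
  * password check having succeeded. It is now set only for a positive uid.
  *
  * NOTE(review): the original code kept running after $this->error(), so it
  * presumably relies on error() ending the request; explicit returns are
  * used here instead.
  *
  * @return void
  */
 private function _do_email_login()
 {
     // Raw $_POST values are client-controlled and may be arrays. They are
     // used as query conditions below, so only plain strings are accepted.
     $username = isset($_POST['username']) ? $_POST['username'] : '';
     $password = isset($_POST['password']) ? $_POST['password'] : '';
     if (!is_string($username) || !is_string($password)) {
         $this->error("用户名不存在!");
         return;
     }

     $where = array();
     if (strpos($username, "@") > 0) {
         // "@" after the first character: log in by e-mail address.
         $where['user_email'] = $username;
     } else {
         $where['user_login'] = $username;
     }
     $users_model = M('Users');
     $result = $users_model->where($where)->find();

     $ucenter_syn = C("UCENTER_ENABLED");
     $ucenter_old_user_login = false;
     $ucenter_login_ok = false;
     if ($ucenter_syn) {
         setcookie("thinkcmf_auth", "");
         include UC_CLIENT_ROOT . "client.php";
         list($uc_uid, $username, $password, $email) = uc_user_login($username, $password);
         if ($uc_uid > 0) {
             if (!$result) {
                 // Known to UCenter but not locally: create the local row.
                 $data = array(
                     'user_login' => $username,
                     'user_email' => $email,
                     'user_pass' => sp_password($password),
                     'last_login_ip' => get_client_ip(0, true),
                     'create_time' => time(),
                     'last_login_time' => time(),
                     'user_status' => '1',
                     'user_type' => 2,
                 );
                 $id = $users_model->add($data);
                 $data['id'] = $id;
                 $result = $data;
             }
         } else {
             switch ($uc_uid) {
                 case "-1":
                     // UCenter: user does not exist or was deleted.
                     if ($result) {
                         // The account exists locally.
                         if (sp_compare_password($password, $result['user_pass'])) {
                             // Local password is correct: register the user in UCenter.
                             $uc_uid2 = uc_user_register($username, $password, $result['user_email']);
                             if ($uc_uid2 < 0) {
                                 $uc_register_errors = array("-1" => "用户名不合法", "-2" => "包含不允许注册的词语", "-3" => "用户名已经存在", "-4" => "Email格式有误", "-5" => "Email不允许注册", "-6" => "该Email已经被注册");
                                 $this->error("同步用户失败--" . $uc_register_errors[$uc_uid2]);
                                 return;
                             }
                             $uc_uid = $uc_uid2;
                         } else {
                             $this->error("密码错误1!");
                             return;
                         }
                     }
                     break;
                 case -2:
                     // UCenter: wrong password.
                     if ($result) {
                         // The account exists locally.
                         if (sp_compare_password($password, $result['user_pass'])) {
                             // Local password is correct: push it to UCenter.
                             $uc_user_edit_status = uc_user_edit($username, "", $password, "", 1);
                             if ($uc_user_edit_status <= 0) {
                                 $this->error("登陆错误3!");
                                 return;
                             }
                             list($uc_uid2) = uc_get_user($username);
                             $uc_uid = $uc_uid2;
                             $ucenter_old_user_login = true;
                         } else {
                             $this->error("密码错误4!");
                             return;
                         }
                     } else {
                         $this->error("密码错误1!");
                         return;
                     }
                     break;
             }
         }
         // Only a positive uid means UCenter vouches for this login. Any
         // other status leaves the decision to the local password check.
         if ($uc_uid > 0) {
             $ucenter_login_ok = true;
             echo uc_user_synlogin($uc_uid);
         }
     }

     if (empty($result)) {
         $this->error("用户名不存在!");
         return;
     }
     if (!sp_compare_password($password, $result['user_pass']) && !$ucenter_login_ok) {
         $this->error("密码错误7!");
         return;
     }

     // Issue a fresh session id at login. Skipped when output has already
     // started (uc_user_synlogin() output is echoed above).
     if (session_id() && !headers_sent()) {
         session_regenerate_id(true);
     }

     // NOTE(review): the whole user row, including user_pass, is kept in the
     // session; confirm that readers of $_SESSION["user"] need that field.
     $_SESSION["user"] = $result;
     // Record this login.
     $data = array('last_login_time' => date("Y-m-d H:i:s"), 'last_login_ip' => get_client_ip(0, true));
     // Array condition instead of a concatenated "id=..." SQL fragment.
     $users_model->where(array("id" => $result["id"]))->save($data);
     // NOTE(review): the redirect target comes from the session; confirm the
     // code that stores login_http_referer only accepts same-site URLs.
     $redirect = empty($_SESSION['login_http_referer']) ? __ROOT__ . "/" : $_SESSION['login_http_referer'];
     $_SESSION['login_http_referer'] = "";
     if ($ucenter_old_user_login) {
         // Disabled hook: message asking legacy users to log in again after the redirect.
     }
     $this->success("登录验证成功!", $redirect);
 }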
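 /**
  * Handle the "change password" form for the currently logged-in admin.
  *
  * Reads old_password, password and repassword from $_POST, checks the old
  * password against the stored value with sp_compare_password(), and saves
  * the result of sp_password() for the new one through the Common/Users
  * model. Every outcome is reported through $this->error() /
  * $this->success(). Non-POST requests do nothing.
  *
  * NOTE(review): the original code kept running after $this->error(), so it
  * presumably relies on error() ending the request. The explicit returns
  * below make that independent of the framework.
  *
  * @return void
  */
 function password_post()
 {
     if (!IS_POST) {
         return;
     }
     // Request fields are client-controlled and may arrive as arrays; only
     // non-empty strings are accepted as passwords.
     if (empty($_POST['old_password']) || !is_string($_POST['old_password'])) {
         $this->error("原始密码不能为空!");
         return;
     }
     if (empty($_POST['password']) || !is_string($_POST['password'])) {
         $this->error("新密码不能为空!");
         return;
     }
     $old_password = $_POST['old_password'];
     $password = $_POST['password'];
     $repassword = isset($_POST['repassword']) ? $_POST['repassword'] : null;

     $user_obj = D("Common/Users");
     $uid = get_current_admin_id();
     $admin = $user_obj->where(array("id" => $uid))->find();

     if (empty($admin) || !sp_compare_password($old_password, $admin['user_pass'])) {
         $this->error("原始密码不正确!");
         return;
     }
     // Strict comparison: with == two different numeric-looking strings
     // (for example "1000" and "1e3") compare equal, which would let a
     // mistyped confirmation through.
     if ($password !== $repassword) {
         $this->error("密码输入不一致!");
         return;
     }
     if (sp_compare_password($password, $admin['user_pass'])) {
         $this->error("新密码不能和原始密码相同!");
         return;
     }

     $data = array(
         'user_pass' => sp_password($password),
         'id' => $uid,
     );
     $r = $user_obj->save($data);
     if ($r !== false) {
         $this->success("修改成功!");
     } else {
         $this->error("修改失败!");
     }
 }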